Closed orkhanalizade closed 9 years ago
If you truly want security you must exchange information via SSL, there are no other ways. So you can either activate SSL within RESTHeart or you can put a secure reverse proxy in front of it (Nginx or Apache). For the first option:
(please note that we are slowly moving the documentation to Confluence)
For our internal projects we use Nginx because it is much easier to configure, but that's up to you.
But in the case that if I'll send my credentials via SSL, are my credentials encrypting and/or can other people find/see my credentials?
ср, 12 авг. 2015 г. в 12:21, Maurizio Turatti notifications@github.com:
If you truly want security you must exchange information via SSL, there are no other ways. So you can either activate SSL within RESTHeart or you can put a secure reverse proxy in front of it (Nginx or Apache). For the first option:
- https://softinstigate.atlassian.net/wiki/display/RH/5.+Advanced+Configuration#id-5.AdvancedConfiguration-SSL
(please note that we are slowly moving the documentation to Confluence)
For our internal projects we use Nginx because it is much easier to configure, but that's up to you.
— Reply to this email directly or view it on GitHub https://github.com/SoftInstigate/restheart/issues/43#issuecomment-130197605 .
In that case you are connecting to a HTTPS URL via SSL and it's exactly like exchanging information with a secure Web server via a browser, nothing less and nothing more. Of course, you should use a self-signed certificate only for development or limited internal usage, for production deployment on a public server you must buy a real SSL certificate from a verified certificate authority (your Internet provider might be one of those, but there are plenty).
In documentation writes that I must include my credentials inside of the command:
http PUT 127.0.0.1:8080/myfirstdb -a username:password
But it's not securely to use my credentials inside of the command. Can I connect, authorize, with the credentials from the file based Identity Manager configuration?